IDA Pro software version 6.1 or above supports debugging native programs under the Android platform. Compared with GDB, IDA dynamic debugging under the Android platform has obvious advantages. Most Android platforms in the industry use IDA for dynamic debugging. The advantages of IDA for debugging Android platform Natvie programs are concentrated in: the debugging environment is easier to build; IDA uses an interface to debug programs, which is easier for beginners; powerful functions are sufficient to meet the needs of dynamic debugging. Involving the analysis of Native programs without source code on the Android platform, the author strongly recommends readers to use IDA for dynamic debugging.
Android platform IDA debugging environment construction
Versions above IDA6.5 can debug native programs on the Android platform more stably. It is recommended to use versions after IDA6.5 to debug native programs on the Android platform.
The steps to build an environment for IDA to debug native programs on the Android platform are as follows:
1. Copy the Android_server program under the IDA directory to the Android device, and copy the native executable program (assumed to be a test file) to be debugged to the Android device. For example after copying: /data/Android_server, /data/test.
2. Give the Android_server and test programs executable permissions respectively, and the corresponding commands are:
adb shell chmod 755 /data/Android_server
adb shell chmod 755 /data/test
3. Execute the /data/Android_server program (adb shell /data/Android_server). After execution, port 23946 will be monitored. The corresponding effect picture is: 4. In
addition, start a command window and enter the following command to enable port forwarding:
Adb forward tcp:23946 tcp:23946
5. Start the IDA main program, click the menu item "Debugger->Run->Remote Arminux/Android debugger" option, and then pop up the lower box and configure related property items: fill in the relevant
item data and click OK to start the interface-based reverse debugging of the Android platform native program.
Attach mode to debug the running process, click the menu item "Debugger->Attach->Remote Arminux/Android debugger" option, and then the default box shown in the figure below will pop up: after clicking the "OK" option, IDA will pop up
all APP processes, corresponding The content of the popup box is as follows:
In the figure above, select the corresponding process name that needs to be Attached. At this time, IDA can attach the process and debug it, and then start debugging the corresponding process.